package com.yxw.yxnet_cd_center.common.utils;


import lombok.extern.slf4j.Slf4j;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils;

import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import java.io.ByteArrayOutputStream;
import java.io.UnsupportedEncodingException;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;


//* 基于公钥、私钥的非对称RSA加密解密工具类
//@Slf4j
public class RSAUtil {

    public static final String CHARSET = "UTF-8";
    public static final String RSA_ALGORITHM = "RSA"; // ALGORITHM 算法的意思
    private static String publicKeyStr;
    private static String privateKeyStr;

    /**
     * 生成rsa公钥、私钥
     *
     * @param keySize
     */
    public static void createKeys(int keySize) {
        // 为RSA算法创建一个KeyPairGenerator对象
        KeyPairGenerator kpg;
        try {
            kpg = KeyPairGenerator.getInstance(RSA_ALGORITHM);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException("No such algorithm-->[" + RSA_ALGORITHM + "]");
        }

        // 初始化KeyPairGenerator对象,密钥长度
        kpg.initialize(keySize);
        // 生成密匙对
        KeyPair keyPair = kpg.generateKeyPair();
        // 得到公钥
        Key publicKey = keyPair.getPublic();
        publicKeyStr = Base64.encodeBase64URLSafeString(publicKey.getEncoded());
        // 得到私钥
        Key privateKey = keyPair.getPrivate();
        privateKeyStr = Base64.encodeBase64URLSafeString(privateKey.getEncoded());

        System.out.println("公钥：" + publicKeyStr);
        System.out.println("私钥：" + privateKeyStr);
    }

    /**
     * 得到公钥对象
     *
     * @param publicKey 密钥字符串（经过base64编码）
     * @return
     * @throws NoSuchAlgorithmException
     * @throws InvalidKeySpecException
     * @throws Exception
     */
    public static RSAPublicKey getPublicKey(String publicKey) throws NoSuchAlgorithmException, InvalidKeySpecException, Exception {
        // 通过X509编码的Key指令获得公钥对象
        KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
        X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(Base64.decodeBase64(publicKey));
        RSAPublicKey key = (RSAPublicKey) keyFactory.generatePublic(x509KeySpec);
        return key;
    }

    /**
     * 得到私钥对象
     *
     * @param privateKey 密钥字符串（经过base64编码）
     * @return
     */
    public static RSAPrivateKey getPrivateKey(String privateKey) {
        // 通过PKCS#8编码的Key指令获得私钥对象
        KeyFactory keyFactory = null;
        RSAPrivateKey key = null;
        try {
            keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
            PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey));
            key = (RSAPrivateKey) keyFactory.generatePrivate(pkcs8KeySpec);
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            System.out.println("获取RSA私钥异常:" + e.getMessage());
            throw new RuntimeException("获取RSA私钥异常:" + e.getMessage());
        } catch (InvalidKeySpecException e) {
            e.printStackTrace();
            System.out.println("获取RSA私钥异常:" + e.getMessage());
            throw new RuntimeException("获取RSA私钥异常:" + e.getMessage());
        }
        return key;
    }

    /**
     * 公钥加密
     *
     * @param data
     * @param publicKey
     * @return
     */
    public static String publicEncrypt(String data, RSAPublicKey publicKey) {
        try {
            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
            cipher.init(Cipher.ENCRYPT_MODE, publicKey);
            return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), publicKey.getModulus().bitLength()));
        } catch (UnsupportedEncodingException | InvalidKeyException | NoSuchAlgorithmException |
                 NoSuchPaddingException e) {
            throw new RuntimeException("加密字符串[" + data + "]时遇到异常", e);
        }
    }

    /**
     * 私钥解密
     *
     * @param data
     * @param privateKey
     * @return
     */
    public static String privateDecrypt(String data, RSAPrivateKey privateKey) {
        try {
            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
            cipher.init(Cipher.DECRYPT_MODE, privateKey);
            return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), privateKey.getModulus().bitLength()), CHARSET);
        } catch (Exception e) {
            throw new RuntimeException("获取RSA私钥异常:" + e.getMessage());
        }
    }

    /**
     * 私钥加密
     *
     * @param data
     * @param privateKey
     * @return
     */

    public static String privateEncrypt(String data, RSAPrivateKey privateKey) {
        try {
            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
            //每个Cipher初始化方法使用一个模式参数opmod，并用此模式初始化Cipher对象。此外还有其他参数，包括密钥key、包含密钥的证书certificate、算法参数params和随机源random。
            cipher.init(Cipher.ENCRYPT_MODE, privateKey);
            return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), privateKey.getModulus().bitLength()));
        } catch (UnsupportedEncodingException | InvalidKeyException | NoSuchAlgorithmException |
                 NoSuchPaddingException e) {
            throw new RuntimeException("加密字符串[" + data + "]时遇到异常", e);
        } catch (Exception e) {
            throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);
        }
    }

    /**
     * //* 公钥解密
     * //*
     * //* @param data
     * //* @param publicKey
     * //* @return
     */

    public static String publicDecrypt(String data, RSAPublicKey publicKey) {
        try {
            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
            cipher.init(Cipher.DECRYPT_MODE, publicKey);
            return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), publicKey.getModulus().bitLength()), CHARSET);
        } catch (UnsupportedEncodingException | InvalidKeyException | NoSuchAlgorithmException |
                 NoSuchPaddingException e) {
            throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);
        } catch (Exception e) {
            throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);
        }
    }

    //rsa切割解码  , ENCRYPT_MODE,加密数据   ,DECRYPT_MODE,解密数据
    private static byte[] rsaSplitCodec(Cipher cipher, int opmode, byte[] datas, int keySize) {
        int maxBlock = 0;  //最大块
        if (opmode == Cipher.DECRYPT_MODE) {
            maxBlock = keySize / 8;
        } else {
            maxBlock = keySize / 8 - 11;
        }
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        int offSet = 0;
        byte[] buff;
        int i = 0;
        try {
            while (datas.length > offSet) {
                if (datas.length - offSet > maxBlock) {
                    //可以调用以下的doFinal（）方法完成加密或解密数据：
                    buff = cipher.doFinal(datas, offSet, maxBlock);
                } else {
                    buff = cipher.doFinal(datas, offSet, datas.length - offSet);
                }
                out.write(buff, 0, buff.length);
                i++;
                offSet = i * maxBlock;
            }
        } catch (Exception e) {
            throw new RuntimeException("加解密阀值为[" + maxBlock + "]的数据时发生异常", e);
        }
        byte[] resultDatas = out.toByteArray();
        IOUtils.closeQuietly(out);
        return resultDatas;
    }

    public static void main(String[] args) throws NoSuchAlgorithmException, InvalidKeySpecException {
        RSAUtil.createKeys(1024);
        RSAPublicKey publicKey = null;
        try {
            publicKey = RSAUtil.getPublicKey(publicKeyStr);
        } catch (Exception e) {
            System.out.println("e：" + e.getMessage());
            return;
        }
        String miwen = RSAUtil.publicEncrypt("123456", publicKey);
        System.out.println("密文：" + miwen);
        RSAPrivateKey privateKey = null;
        try {
            privateKey = RSAUtil.getPrivateKey(privateKeyStr);
        } catch (Exception e) {
            System.out.println("e：" + e.getMessage());
            return;
        }
        String mingwen = RSAUtil.privateDecrypt(miwen, privateKey);
        System.out.println("明文：" + mingwen);
        /*
        String sign = RSAUtil.privateEncrypt("000000", RSAUtil.getPrivateKey(privateKeyStr));
        RSAPublicKey publicKey = null;
        try {
            publicKey = RSAUtil.getPublicKey(publicKeyStr);
        } catch (Exception e) {
            e.printStackTrace();
        }
        String tempStr = RSAUtil.publicDecrypt(sign, publicKey);
        System.out.println(tempStr);
        */
    }

    public static String getPublicKeyStr() {
        return publicKeyStr;
    }

    public static String getPrivateKeyStr() {
        return privateKeyStr;
    }
}


